feat(esp_https_server): Updated the ESP_TLS_SERVER_CERT_SELECT_HOOK config

Update the ESP_TLS_SERVER_CERT_SELECT_HOOK config to ESP_HTTPS_SERVER_CERT_SELECT_HOOK And made it depend on ESP_TLS_SERVER_CERT_SELECT_HOOK
2025-09-02 22:51:14 +00:00 · 2024-10-03 18:25:54 +05:30
parent b7aecdbbaf
commit ace6a490bc
9 changed files with 55 additions and 7 deletions
--- a/docs/en/api-reference/protocols/esp_https_server.rst
+++ b/docs/en/api-reference/protocols/esp_https_server.rst
@@ -70,6 +70,26 @@ Application Examples

 - :example:`protocols/https_server/wss_server` demonstrates how to create an SSL server with a simple WebSocket request handler that supports handling multiple clients, PING-PONG mechanism, and sending asynchronous messages to all clients.

+HTTPS Server Cert Selection Hook
+--------------------------------
+
+The ESP HTTPS Server component provides an option to set the server certification selection hook. This feature allows you to configure and use a certificate selection callback during server handshake. The callback helps to select a certificate to present to the client based on the TLS extensions supplied in the client hello message, such as ALPN and SNI. To enable this feature, please enable :ref:`CONFIG_ESP_HTTPS_SERVER_CERT_SELECT_HOOK` in the ESP HTTPS Server menuconfig. Note that you also need to enable :ref:`CONFIG_ESP_TLS_SERVER_CERT_SELECT_HOOK` from the ESP-TLS component, as this option depends on it. Please note that the ESP-TLS option is only available when Mbedtls is used as the TLS stack for ESP-TLS (default behaviour).
+
+When enabled, you can set the certificate selection callback using the :cpp:member:`httpd_ssl_config::cert_select_cb` member of the :cpp:type:`httpd_ssl_config_t` structure.
+
+.. code-block:: c
+
+  int cert_selection_callback(mbedtls_ssl_context *ssl)
+    {
+        /* Code that the callback should execute */
+        return 0;
+    }
+
+    httpd_ssl_config_t cfg = {
+        cert_select_cb = cert_section_callback,
+    };
+
+
 API Reference
 -------------

--- a/docs/en/migration-guides/release-5.x/5.4/index.rst
+++ b/docs/en/migration-guides/release-5.x/5.4/index.rst
@@ -11,3 +11,4 @@ Migration from 5.3 to 5.4
    bluetooth-classic
    storage
    wifi
+    protocols
--- a/docs/en/migration-guides/release-5.x/5.4/protocols.rst
+++ b/docs/en/migration-guides/release-5.x/5.4/protocols.rst
@@ -0,0 +1,14 @@
+Protocols
+=========
+
+:link_to_translation:`zh_CN:[中文]`
+
+HTTPS Server
+------------
+
+Certificate Selection Hook
+~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+In order to enable the Certificate Selection hook feature in ESP HTTPS Server, now you need to enable :ref:`CONFIG_ESP_HTTPS_SERVER_CERT_SELECT_HOOK` instead of :ref:`CONFIG_ESP_TLS_SERVER_CERT_SELECT_HOOK`.
+
+The new :ref:`CONFIG_ESP_HTTPS_SERVER_CERT_SELECT_HOOK` option automatically selects :ref:`CONFIG_ESP_TLS_SERVER_CERT_SELECT_HOOK`.